PATENT 

U.S. Patent Application No. 10/060,792 
Attorney Docket No. 0023-0220 



REMARKS 

In the non-final rejection, the Examiner rejects claims 1-16, 18-28, 34-40, 42, and 
44- 53 under 35 U.S.C. § 102(e) as anticipated by WIN et al. (U.S. Patent No. 
6,182,142); and rejects claims 17 and 41 under 35 U.S.C. § 103(a) as unpatentable over 
WIN et al. in view of COLEY et al. (U.S. Patent No. 5,826,014). Applicants respectfully 
traverse these rejections. 1 

To begin, Applicants submit that the rejection of claims 18 and 42 under 35 
U.S.C. § 102(e) as anticipated by WIN et al. is improper. Claim 18 depends from claim 
17 and claim 42 depends from claim 41. Claims 17 and 41 are rejected under 35 U.S.C. § 
103(a) as unpatentable over WIN et al. and COLEY et al. Therefore, the rejection of 
claims 18 and 42 must be based upon at least WIN et al. and COLEY. Since the rejection 
of claims 18 and 42 are based solely on WIN et al., the rejection of these claims is 
improper. 

Claims 1-16, 18-28, 34-40, 42, and 44- 53 stand rejected under 35 U.S.C. § 102(e) 
as allegedly anticipated by WIN et al. Applicants respectfully traverse this rejection. 

Claim 1 recites a method for accessing resources on a private network via an 
intermediary server. The method includes receiving a login request from a user for 
access to the intermediary server; authenticating the user in response to the login request; 
receiving a resource request from the authenticated user at the intermediary server, the 

1 As Applicants' remarks with respect to the Examiner's rejections overcome the rejections, Applicants' 
silence as to certain assertions by the Examiner in the Office Action or certain requirements that may be 
applicable to such rejections (e.g., whether a reference constitutes prior art, reasons for modifying a 
reference and/or combining references, assertions as to dependent claims, etc.) is not a concession by 
Applicants that such assertions are accurate or that such requirements have been met, and Applicants 
reserve the right to dispute these assertions/requirements in the future. 
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resource request requesting a particular operation with respect to a resource from the 
private network; obtaining access privileges for the authenticated user in response to the 
resource request; determining if the access privileges for the authenticated user permit the 
authenticated user to perform the particular operation at the private network; and 
preventing, by the intermediary server, performance of the particular operation at the 
private network if the access privileges for the authenticated user do not permit the 
authenticated user to perform the particular operation at the private network. WIN et al. 
does not disclose or suggest this combination of features. 

For example, WIN et al. docs not disclose or suggest preventing, by an 
intermediary server to which a user requests access, performance of a particular operation 
at a private network if access privileges for the authenticated user do not permit the 
authenticated user to perform the particular operation at the private network. The 
Examiner relies on reference 322 of WIN et al. as allegedly disclosing this feature of 
claim 1 (Office Action, pg. 3). Applicants respectfully disagree with the Examiner's 
interpretation of WIN et al. 

Reference 322 of WIN et al. illustrates a state in which a user does not have 
authorization and a Runtime Module returns a redirection to a pre-defined URL (column 
8, line 65- column 9, line 2). On page 2 of the Office Action, the Examiner specifically 
relies on Access Server 106 as corresponding to the recited intermediary server. 
However, WIN et al. discloses that state 322 is performed by Protected Server 104, not 
by Access Server 106 (see column 7, line 40 - column 9, line 21). Therefore, WIN et al. 
does not disclose or suggest preventing, by an intermediary server to which a user 
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requests access , performance of a particular operation at a private network if the access 
privileges for the authenticated user do not permit an authenticated user to perform the 
particular operation at the private network, as recited in claim 1 . 

For at least the foregoing reason, Applicants submit that claim 1 is not anticipated 
by WIN et al. 

Claims 2-16 and 18 depend from claim 1. Therefore, these claims are not 
anticipated by WIN et al. for at least the reasons given above with respect to claim 1 . 

Claim 1 9 recites a method for providing remote access to a private network via an 
intermediary server. The method includes receiving a login request from a remote user 
for access to the intermediary server; determining whether the remote user is permitted 
access to the intermediary server based on the login request; granting the remote user 
access to the intermediary server if the remote user is permitted access to the 
intermediary server, the granted access carrying access privileges to a portion the private 
network; receiving a resource request from the remote user at the intermediary server if 
the remote user is granted access to the intermediary server, the resource request 
requesting a particular resource on the private network; determining whether the resource 
request from the remote user is permitted by the access privileges; supplying the 
particular resource to the remote user through the intermediary server if the resource 
request from the remote user is permitted by the access privileges; and denying the 
remote user from access to the particular resource by the intermediary server if the 
resource request from the remote user is not permitted by the access privileges. WIN et 
al. does not disclose or suggest this combination of features. 
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For example, WIN et al. does not disclose or suggest supplying a particular 
resource to a remote user through an intermediary server to which a remote user requests 
access if the resource request from the remote user is permitted by the access privileges. 
The Examiner relies on Fig. 3C of WIN et al. as allegedly disclosing this feature (Office 
Action, pg. 4). Applicants respectfully disagree with the Examiner's interpretation of 
WIN et al. 

Fig. 3C of WIN et al. illustrates a state diagram showing processes carried out 
when a URL is a protected resource and a user is authenticated (column 8, lines 45-47). 
On page 3 of the Office Action, the Examiner specifically relies on Access Server 106 of 
WIN et al. as corresponding to the intermediary server of claim 19. However, according 
to Fig. 3C of WIN et al., Access Server 106 does not supply Resource Page 308. Rather, 
Resource Page 308 is supplied by HTTP server 202 within Protected Server 104 (see Fig. 
2 and Fig. 3C). Therefore, WIN et al. does not disclose or suggest supplying a particular 
resource to a remote user through an intermediary server to which a remote user requests 
access if the resource request from the remote user is permitted by the access privileges, 
as recited in claim 19. 

For at least the foregoing reason, Applicants submit that claim 19 is not 
anticipated by WIN et al. 

Claims 20-28 depend from claim 19. Therefore, these claims are not anticipated 
by WIN et al. for at least the reasons given above with respect to claim 19. 

Independent claims 34 and 44 recite features similar to (yet possibly of different 
scope than) features recited above with respect to claims 1 and 19, respectively. 
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Therefore, Applicants submit that claims 34 and 44 is not anticipated by WIN et al. for at 
least reasons similar to reasons given above with respect to claims 1 and 19. 

Claims 35-40 and 42 depend from claim 34. Therefore, these claims are not 
anticipated by WIN et al. for at least the reasons given above with respect to claim 34. 

Claims 45-50 depend from claim 44. Therefore, these claims are not anticipated 
by WIN et al. for at least the reasons given above with respect to claim 44. 

Claim 5 1 recites an intermediary server system that includes means for sending a 
modified resource to a client; mean for receiving a request for a resource from the client; 
means for forwarding the received request to a remote server through a private network; 
means for receiving the resource from the remote server in response to the forwarded 
request; means for replacing a link in the received resource with a link that points to the 
intermediary server system to obtain the modified resource; means for authenticating the 
client, the means for authenticating the client included in a device that hosts the means 
for sending the modified resource to the client and the means for receiving the request; 
and means for controlling client access to the requested resource based on authentication 
information and access information. WIN et al. does not disclose or suggest this 
combination of features. 

For example, WIN et al. does not disclose or suggest means for authenticating a 
client, the means for authenticating the client included in a device that hosts the means 
for sending the modified resource to the client and the means for receiving the request. 
The Examiner relies on column 6, lines 49-51 of WIN et al. as allegedly disclosing this 
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feature (Office Action, pg. 5). Applicants respectfully disagree with the Examiner's 
interpretation of WIN et al. 

At column 6, lines 48-51, WIN et al. discloses: 

Access Server 106 stores a log-in page, Authentication Client Module and 
Access Menu Module. The Authentication Client Module authenticates a user by 
verifying the name and password with the Registry Server 108. 

This section of WIN et al. discloses that the Authentication Client Module is stored in 

Access Server 106 and authenticates a user by verifying the name and password with 

Registry Server 108. Access Server 106 does not host a means for sending the modified 

resource to the client and a means for receiving a request for a resource from the client. 

Instead, Access Server 106 stores a log-in page, Authentication Client Module, and 

Access Menu Module (column 6, lines 48-51). Therefore, this section of WIN et al. does 

not disclose or suggest means for authenticating a client , the means for authenticating the 

client included in a device that hosts the means for sending the modified resource to the 

client and the means for receiving the request , as recited in claim 5 1 . 

For at least the foregoing reason, Applicants submit that claim 5 1 is not 
anticipated by WIN et al. 

Claims 52 and 53 depend from claim 51. Therefore, these claims are not 
anticipated by WIN et al. for at least the reasons given above with respect to claim 5 1 . 

Claims 17 and 41 stand rejected under 35 U.S.C. § 103(a) as allegedly being 
unpatentable over WIN et al. in view of COLEY et al. Applicants respectfully traverse 
this rejection. 
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Claims 17 depends from claim 1. Without acquiescing in the rejection of claim 
17, Applicants submit that the disclosure of COLEY et al. does not remedy the 
deficiencies in the disclosure of WIN et al. set forth above with respect to claim 1. 
Therefore, claim 17 is patentable over WIN et al. and COLEY et al, whether taken alone 
or in any reasonable combination, for at least the reasons given above with respect to 
claim 1 . 

Claim 41 depends from claim 34. Without acquiescing in the rejection of claim 
41, Applicants submit that the disclosure of COLEY et al. does not remedy the 
deficiencies in the disclosure of WIN et al. set forth above with respect to claim 34. 
Therefore, claim 41 is patentable over WIN et al. and COLEY et al., whether taken alone 
or in any reasonable combination, for at least the reasons given above with respect to 
claim 34. 
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In view of the foregoing remarks, Applicants respectfully request the Examiner's 
reconsideration of this application, and the timely allowance of the pending claims. 

To the extent necessary, a petition for an extension of time under 37 C.F.R. § 
1 . 136 is hereby made. Please charge any shortage in fees due in connection with the 
filing of this paper, including extension of time fees, to Deposit Account No. 50-1070 
and please credit any excess fees to such deposit account. 

Respectfully submitted, 
Harrity Snyder, L.L.P. 



By: /Mcagan S. Walling. Reg. No. 60.1 12/ 
Meagan S. Walling 
Registration No. 60,112 

Date: July 7, 2008 

1 1350 Random Hills Road 
Suite 600 

Fairfax, Virginia 22030 
(571)432-0800 

Customer Number: 44987 
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